Hi,
Could anyone give an example of writing applications for testing the Network Drivers 
in FreeBSD?

Thanks
Swami

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 08, 2003 12:01 PM
To: [EMAIL PROTECTED]
Subject: freebsd-net Digest, Vol 16, Issue 2



Today's Topics:

   1. Re: Request for Review: bin/54151 (Bruce M Simpson)
   2. Re: ipprecedence (Bruce M Simpson)
   3. QoS/device API (was Re: ipprecedence) (Luigi Rizzo)
   4. Acess to virtual hosts are being blocked by natd/firewall
      (Guilherme Oliveira)
   5. network device (diego maradona)
   6. Re: Acess to virtual hosts are being blocked by natd/firewall
      (Guilherme Oliveira)
   7. AODV RFC is now ratified (Bruce M Simpson)
   8. RE: Acess to virtual hosts are being blocked by natd/firewall
      (Sten Daniel Sørsdal)
   9. Re: Acess to virtual hosts are being blocked by natd/firewall
      (Guilherme Oliveira)
  10. RE: Acess to virtual hosts are being blocked by natd/firewall
      (Sten Daniel Sørsdal)


----------------------------------------------------------------------

Message: 1
Date: Mon, 7 Jul 2003 21:08:05 +0100
From: Bruce M Simpson <[EMAIL PROTECTED]>
Subject: Re: Request for Review: bin/54151
To: Dmitry Morozovsky <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii

On Sun, Jul 06, 2003 at 09:33:11PM +0400, Dmitry Morozovsky wrote:
> Dear colleagues,
> 
> would you please spend a bit of your time to review 
> http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54151
> [patch to add -i option to arp(8)]?

I think this sort of thing is badly needed, especially for the router/VLAN scenarios 
which you envisage.

However, one thing which has always bothered me is the message:
        arp: actual retrieval of routing table

I've seen this when the arp table is in an undefined state, i.e. empty; it could be 
more helpfully worded.

BMS

------------------------------

Message: 2
Date: Mon, 7 Jul 2003 21:12:47 +0100
From: Bruce M Simpson <[EMAIL PROTECTED]>
Subject: Re: ipprecedence
To: Luigi Rizzo <[EMAIL PROTECTED]>
Cc: Eugene Grosbein <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii

On Sat, Jul 05, 2003 at 12:33:32PM -0700, Luigi Rizzo wrote:
> permit. Certain hardware even has multiple, prioritized transmit 
> rings, but there is no support for them in our drivers (basically we 
> don't have an API for that).

One example which immediately springs to mind is the RTL8139C+ which Bill Paul has 
been playing with this very week.

Also, my Efficient Networks Lanai based ATM adapter has support of kinds for this 
(albeit in ATM-land), even the fxp has Intel's proprietary Priority Packet software 
for it (pardon the pun).

With the increased interest in VoIP and similar these days, perhaps hardware DS/QoS 
support of this nature is something the project should explore?

I have heard the 'provision your network correctly' argument against this, but this 
doesn't address the problem of pushing isochronous traffic through a narrow pipe used 
to connect a branch office, so I find it unhelpful.

BMS

------------------------------

Message: 3
Date: Tue, 8 Jul 2003 02:09:27 -0700
From: Luigi Rizzo <[EMAIL PROTECTED]>
Subject: QoS/device API (was Re: ipprecedence)
To: Bruce M Simpson <[EMAIL PROTECTED]>
Cc: Eugene Grosbein <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii

On Mon, Jul 07, 2003 at 09:12:47PM +0100, Bruce M Simpson wrote: ...
> With the increased interest in VoIP and similar these days, perhaps 
> hardware DS/QoS support of this nature is something the project should 
> explore?

the usual problem here is that if you want your mechanisms to be useful, you should 
implement them in software first (even though it has a performance impact), and then 
exploit the hw capabilities when/if they are present and useful (e.g. on a slow link 
and fast CPU, you don't care too much about separate hw queues).

The 'if_tx_rdy' dummynet trick that i mentioned does cover the software part, and i 
believe it can be made reasonably cheap (i.e. skip the function call if no pipes are 
registered to be clocked by that interface) so that it will not harm performance in 
the general case.

If there is interest, i can look into doing this change and adding this call to our 
device drivers.

        cheers
        luigi

------------------------------

Message: 4
Date: Tue, 08 Jul 2003 12:45:17 +0100
From: Guilherme Oliveira <[EMAIL PROTECTED]>
Subject: Acess to virtual hosts are being blocked by natd/firewall
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii; format=flowed

Hi !

I've configured a dmz and our workstations (192.168.0) access external 
sites very well.

But sites that are hosted in 192.168.1 that are port_redirected by natd 
with static ip are blocked only if accessed by our workstations with 
192.168.0
From internet is fine.

It blocks www.site-example.com and xxx.xxx.xxx.xxx.
It only works with 192.168.1.2 !

/kernel: Connection attempt to TCP xxx.xxx.xxx.xxx:80 from 192.168.0.3:2366

My natd is configured with
natd_flags="-l -s -m -u -dynamic -log_denied -log_ipfw_denied 
-redirect_port tcp 192.168.1.2:80 xxx.xxx.xxx.xxx:80"

The firewall is configured to "OPEN".

netstat -r in natd:
default            adsl-b3-72-1.telep UGSc        2     4300   tun0
localhost          localhost          UH          0        0    lo0
192.168.0          link#2             UC          5        0    xl1
192.168.0.2        00:e0:7d:ed:1b:de  UHLW        0       38    xl1    940
192.168.0.3        00:50:eb:1d:80:dd  UHLW        1      379    xl1    657
192.168.0.5        00:08:02:cf:1b:6d  UHLW        0     1262    xl1    349
192.168.0.6        00:c0:df:09:a1:31  UHLW        0       24    xl1    560
192.168.0.7        00:c0:df:09:ab:e7  UHLW        0      977    xl1    521
192.168.1          link#3             UC          1        0    xl2
192.168.1.2        00:04:75:e9:c0:04  UHLW        1      257    xl2    331
adsl-b3-72-1.telep adslemp-b3-123-140 UH          2        0   tun0
adslemp-b3-121-73. link#1             UC          0        0    xl0
adslemp-b3-121-74. link#1             UC          0        0    xl0
adslemp-b3-121-75. link#1             UC          0        0    xl0
adslemp-b3-121-76. link#1             UC          0        0    xl0
adslemp-b3-121-77. link#1             UC          0        0    xl0
adslemp-b3-121-78. link#1             UC          0        0    xl0


netstat -r in workstation:
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            sarpa              UGSc       10        0   sis0
localhost          localhost          UH          0      140    lo0
192.168.0          link#1             UC          2        0   sis0
sarpa              00:04:75:e0:d4:52  UHLW       12    12204   sis0    596
parpa              00:50:eb:1d:80:dd  UHLW        0       39    lo0



Is it a natd problem or ipfw?


------------------------------

Message: 5
Date: Tue, 08 Jul 2003 14:57:22 +0200
From: "diego maradona" <[EMAIL PROTECTED]>
Subject: network device
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=iso-8859-1; format=flowed

Dear all,
Is there a way to install 2 network devices with fault tolerance (active-standby) 
or with load balancing (virtual IP address)? Thanks in advance,
yqyq22



------------------------------

Message: 6
Date: Tue, 08 Jul 2003 14:37:30 +0100
From: Guilherme Oliveira <[EMAIL PROTECTED]>
Subject: Re: Acess to virtual hosts are being blocked by natd/firewall
To: FreeBSD-NET <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii; format=flowed

I've done that but it's not working.

It's strange because if I ping www.site-example.com it goes to the right 
static ip.
So it's pinging the right server.

It could be apache configs but it happens also in qmail, ...

I think it's natd but don't know how ...


------------------------------

Message: 7
Date: Tue, 8 Jul 2003 15:32:35 +0100
From: Bruce M Simpson <[EMAIL PROTECTED]>
Subject: AODV RFC is now ratified
To: "M. Warner Losh" <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii

On Tue, Jul 08, 2003 at 08:13:03AM -0600, M. Warner Losh wrote:
> Cool!  Hopefully this work will include fixing lucent cards too :-)

Hail Eris. All hail Discordia.

By the way, have you seen RFC 3561? It's just out.

http://www.faqs.org/rfcs/rfc3561.html
Ad hoc On-Demand Distance Vector (AODV) Routing

I'm putting together a brief FreeBSD HOWTO -- 'On-demand Routing with XRESOLVE for 
Dummies' -- hinted at by fenestro. My technique is quite simple, I create a 
CLONE+XRESOLVE route pointing to disc0 (to avoid routing loops when ip forwarding is 
enabled) for the route(s) intended to use the wireless cloud as a next-hop, then 
listen for RTM_RESOLVE messages when the stack tries to use those route entries to 
clone routes from. That then enables our hypothetical aodvd to issue RTM_CHANGE to 
route the data to its peer. Seems pretty clean.

We can of course tweak the net.inet.ip.rt* cache tunables to prevent the stack getting 
swamped with stale wireless routes.

I may not be able to get AODV all done on my own, but I may have a crack at it - have 
a lot on my plate just now.

BMS

------------------------------

Message: 8
Date: Tue, 8 Jul 2003 16:57:05 +0200
From: Sten Daniel Sørsdal <[EMAIL PROTECTED]>
Subject: RE: Acess to virtual hosts are being blocked by natd/firewall
To: "Guilherme Oliveira" <[EMAIL PROTECTED]>,   "FreeBSD-NET"
        <[EMAIL PROTECTED]>
Message-ID:
        <[EMAIL PROTECTED]>
Content-Type: text/plain;       charset="iso-8859-1"

> 
> I've done that but it's not working.
> 
> It's strange because if I ping www.site-example.com it goes
> to the right 
> static ip.
> So it's pinging the right server.
> 
> It could be apache configs but it happens also in qmail, ...
> 
> I think it's natd but don't know how ...
> 

Make sure that you are diverting the traffic from LAN to DMZ via NATD.

- Sten

------------------------------

Message: 9
Date: Tue, 08 Jul 2003 16:22:10 +0100
From: Guilherme Oliveira <[EMAIL PROTECTED]>
Subject: Re: Acess to virtual hosts are being blocked by natd/firewall
To: FreeBSD-NET <[EMAIL PROTECTED]>,
        <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Sten Daniel Sørsdal wrote:
> Make sure that you are diverting the traffic from LAN to DMZ via NATD.

I didn't understand very well:
ipfw is not doing this through the "OPEN" configuration by default?


------------------------------

Message: 10
Date: Tue, 8 Jul 2003 17:57:10 +0200
From: Sten Daniel Sørsdal <[EMAIL PROTECTED]>
Subject: RE: Acess to virtual hosts are being blocked by natd/firewall
To: "Guilherme Oliveira" <[EMAIL PROTECTED]>,   "FreeBSD-NET"
        <[EMAIL PROTECTED]>
Message-ID:
        <[EMAIL PROTECTED]>
Content-Type: text/plain;       charset="iso-8859-1"

> Sten Daniel Sørsdal wrote:
> > Make sure that you are diverting the traffic from LAN to DMZ via NATD.
> 
> I didn't understand very well:
> ipfw is not doing this through the "OPEN" configuration by default?
> 

No.

In rc.firewall (line 124):
${fwcmd} add 50 divert natd all from any to any via ${natd_interface}

This line only NATs traffic going in and out of your upstream interface.

In the "OPEN" configuration it NATs the traffic from LAN and DMZ -to/from- internet. Not 
between the LAN and DMZ area, which is what you need.

You could look into setting up your own little proxy DNS (such as pdnsd). Add the 
servers to hosts file on your workstations, or make it NAT the way you want.


- Sten
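
The cases reported in this thread, as an added Python model (not part of the original messages and not ipfw or natd code): it checks which flows cross the interface named in the `divert ... via ${natd_interface}` rule. Assumptions: `${natd_interface}` is `tun0`, the redacted public address is the router's own and is replaced by the constructed placeholder `203.0.113.10`, and the sample flows are constructed.

```python
import ipaddress

PUBLIC_IP = "203.0.113.10"       # constructed placeholder for xxx.xxx.xxx.xxx
REDIRECT = {(PUBLIC_IP, 80): ("192.168.1.2", 80)}  # natd -redirect_port from the thread
NATD_IF = "tun0"                 # assumed ${natd_interface} (default route in the thread)
CONNECTED = {"192.168.0.0/24": "xl1", "192.168.1.0/24": "xl2"}  # LAN, DMZ
LOCAL = {PUBLIC_IP}              # assumption: the public address is the router's own

def egress_if(dst):
    """Interface a packet to dst leaves on, or None if it is for the router itself."""
    if dst in LOCAL:
        return None
    addr = ipaddress.ip_address(dst)
    for net, ifname in CONNECTED.items():
        if addr in ipaddress.ip_network(net):
            return ifname
    return NATD_IF               # everything else follows the default route

def matches_divert(recv_if, dst):
    """Model of 'divert natd all from any to any via ${natd_interface}'."""
    return NATD_IF in (recv_if, egress_if(dst))

def trace(recv_if, dst, dport):
    """Return (seen_by_natd, what happens to the packet)."""
    if matches_divert(recv_if, dst):
        if (dst, dport) in REDIRECT:
            return True, "redirected to %s:%d" % REDIRECT[(dst, dport)]
        return True, "translated by natd"
    if egress_if(dst) is None:
        return False, "delivered to router, no listener"
    return False, "forwarded via " + egress_if(dst)

FLOWS = [  # constructed sample flows: (label, receive interface, dst, dport)
    ("Internet -> public:80", "tun0", PUBLIC_IP, 80),
    ("LAN -> public:80", "xl1", PUBLIC_IP, 80),
    ("LAN -> 192.168.1.2:80", "xl1", "192.168.1.2", 80),
    ("LAN -> Internet", "xl1", "198.51.100.7", 80),
]

if __name__ == "__main__":
    for label, rif, dst, dport in FLOWS:
        print("%-24s %s" % (label, trace(rif, dst, dport)))
```

The second flow never touches `tun0`, so natd never sees it and the redirect is not applied, which is consistent with the "Connection attempt to TCP" kernel log line in the original report.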



------------------------------

_______________________________________________
[EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

End of freebsd-net Digest, Vol 16, Issue 2
******************************************